* Add missing `Fn::GetAtt` attributes to S3 bucket mock
Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1
* Reformat touched files with `black`
* Reformat touched files with `black` on Python 3.7
The pagination for this endpoint has been modified to more closely
model the real AWS behavior:
* Log Groups are now sorted alphabetically by `logGroupName`.
* `nextToken` is now a string containing the last `logGroupName` in the
current response.
* Specifying an invalid `nextToken` does not generate an error, but does
return an empty group list.
* `nextToken` is not included in the response if there are no additional
items to return.
Fixes#3395
* Properly coerce `Encrypted` attribute to bool on request/response.
* Create and use a default AWS managed CMK for EBS when clients request
an encrypted volume without specifying a KmsKeyId.
NOTE: A client-provided KmsKeyId is simply stored as-is, and is not validated
against the KMS backend. This is in keeping with other moto backends (RDS, Redshift)
that currently also accept unvalidated customer master key (CMK) parameters, but could
be an area for future improvement.
Closes#3248
* Enable more unit tests for ACM
* put a smile on travis-ci face
Co-authored-by: nom3ad <nom3ad@gmail.com>
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* ACM: support `tags` parameter in import_certificate()
* ACM: support tags parameter in request_certificate()
* ACM: better tag operations with more unit tests
Co-authored-by: nom3ad <nom3ad@gmail.com>
The `tag_filter` method has been re-arranged to mimic the actual AWS behavior:
Return `True` if *any* tag matches a filter and *all* filters are matched.
Python's closures are late-binding, so we have to modify the lambdas accordingly!
Closes#2814
When comparing old and new values when doing a nested item update, the
`!=` implementation fails when the value being compared is `None`. This
results in an exception when trying to insert a new item into a nested
map. So just do a quick check that the original value is exists before
doing the comparison, as the `None` default is what is tripping this.
* SecretsManager - handle missing secrets versions
The get_secret_value method should raise ResourceNotFoundException
if a secret exists but the provided VersionId does not.
* Run black
* 2.x support
* black fix?
* secret is not a dict. Fix error msg output.
* Transcribe first cut: Medical: start, get and delete jobs.
* Added list_medical_transcription_job() support to Transcribe.
* Support for medical vocabularies.
* Added transcribe to list of backends to fix server mode error.
* PR3299 requested changes: don't offer deprecated decorator, regionalize download_uri, create/use service-specific exceptions.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Start working on flow logs
* Change test
* Constructing tests
* Changing exceptions and adding more tests
* Adding more tests
* Changing model and adding more tests
* Adding support for tags
* Mocking Access error with non-existing Log Group Name
* Adding FlowLogAlreadyExists support
* Changing style
* Reformatted code
* Reformatted tests
* Removing needless test
* Adding support for CloudFormation
* Reformatting slightly
* Removing arnparse and using split
* Rearranging tests
* Fixing FilterNotImplementedError test
* Moving imports to 'if' clauses and adding explicit test for 'cloud-watch-logs' type
* Setting names matching boto3 API and restoring 'not-implementd-filter' test
* Reformatting tests with black
* added organizations detach_policy response, model, and tests, issue #3239
Signed-off-by: Ben <ben.lipscomb@fmr.com>
* Created individual tests for detach_policy exceptions, updated regex statements for Root, OU, and Account Id
* Make ElasticAddress a tagged resource
To be able to filter on tags on ElasticAddresses, I need to have tags.
* remove unneeded commented lines
Was beginning of how to to it before further checking how it is done with other resources.
* do not ignore network-interface-owner-id filter
* add TODO about currently hardcoded region
* remove hardcoding region
* add testing for tags
creating and allocation, adding tags and querying for it
* separate test for tags into own method
* Linting
Co-authored-by: Bert Blommers <info@bertblommers.nl>
Support for cluster_id parameter substitution in autoscaling policy cloudwatch alarm dimensions.
New operations put_autoscaling_policy and remove_autoscaling_policy support
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary
* minor test fix
* lint fixed
* refractored test case
* Issue 3224 s3 copy glacier object (#3318)
* 3224 Enhancement - S3 Copy restored glacier objects
- adds setter for expiry date
- copy sets expiry date to none when source is glacier object
- throws error for copying glacier object only if not restored/still restoring
* 3224 Enhancement - S3 Copy restored glacier objects
- throws error for copying deep archive object only if not restored/still restoring
* Fix:s3 List Object response:delimiter (#3254)
* Fix:s3 List Object delimiter in response
* fixed tests
* fixed failed tests
Co-authored-by: usmankb <usman@krazybee.com>
* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary
* minor test fix
* lint fixed
* refractored test case
* added test case for put role exception
Co-authored-by: ruthbovell <63656505+ruthbovell@users.noreply.github.com>
Co-authored-by: usmangani1 <sgosman_chem@yahoo.com>
Co-authored-by: usmankb <usman@krazybee.com>
* Make IoT certificate id generation deterministic
Fixes#3321
As per https://stackoverflow.com/questions/55847788/how-does-aws-iot-generate-a-certificate-id,
the IoT certificate ID is the SHA256 fingerprint of the
certificate. Since moto doesn't generate full certificates we will
instead use the SHA256 hash of the passed certificate pem.
* Don't allow duplicate IoT certificates to be created
Fixes#3320
When using boto3, trying to register a certificate that already
exists will throw a ResourceAlreadyExistsException. Moto should
follow the same pattern to allow testing error handling code in
this area.
* 3224 Enhancement - S3 Copy restored glacier objects
- adds setter for expiry date
- copy sets expiry date to none when source is glacier object
- throws error for copying glacier object only if not restored/still restoring
* 3224 Enhancement - S3 Copy restored glacier objects
- throws error for copying deep archive object only if not restored/still restoring
* Change to test_s3 method test_presigned_url_restrict_parameters to tolerate change in exception messages, spurred by boto3 1.14.59 release.
* ApplicationAutoscaling: support for all the current various forms of resource_id.
* Factored logic for extracting application autoscaling resource_type from resource_id to separate function, per PR3304 comment.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* kinesisvideo create_stream
* add kinesis video stream description
* add kinesisvideo describe_stream
* add kinesisvideo list_streams
* add kinesisvideo delete_stream
* remove unused comment
* remove duplicated definition
* add kinesis video exceptions
* pass region_name to kinesisvideo client in test
* fix kinesisvideo url path
* resolve conflict of kinesisvideo url and kinesis url
* specify region name to kinesisvideobackend
* Add get-dataendpoint to kinesisvideo
* include stream name in ResourceInUseException of kinesisvideo
* use ACCOUNT_ID from moto.core in kinesisvideo
* add server test for kinesisvideo
* split up kinesisvideo test
* added cognito-idp initiate_auth and PASSWORD_VERIFIER challenge to respond_to_auth_challenge
* fixed for python2
* added mfa, REFRESH_TOKEN to initiate_auth, SOFTWARE_TOKEN_MFA to respond_to_auth_challenge
* added negative tests
* test
* Fix: Api-Gateway ApiKeyAlreadyExists headers change.
* Added test for non decorator
* Fixed cli errors
* Fix:fixed build errors
* Fix: assert only in case of non server mode
Co-authored-by: usmankb <usman@krazybee.com>
* IAM User Cloudformation Enhancements: update, delete, getatt.
* AWS::IAM::Policy Support
* Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups.
* AWS:IAM:AccessKey CloudFormation support.
* Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly.
* Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties.
* Support for Kinesis Stream RetentionPeriodHours param.
* Kinesis Stream Cloudformation Tag Support.
* Added omitted 'region' param to boto3.client() calls in new tests.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Add check for existing execution, fix issue with make init
* Remove f-string usage
* Remove fstring usage in test
* Pin black and run formatting on test_stepfunction
* Reverse changes made by black 20.8b1
* Add support for Description in egress rule response
* Update SecurityGroup default egress rule ip range
* Remove extra commas
* Remove extra commas
* Lower docker package in Travis
* Add more lambda vars per PR 3247
* Remove code added in 3247
* Add tests for egress rules with Descriptions
* Reformat based on black
Co-authored-by: spillin <jmbollard@me.com>
* lambda-responses: add method to dispatch concurrency calls
* lambda-resources: add route to handle concurrency requests
* lambda-model: implement put_function_concurrency and concurrency attribute
* put-concurrency-tests: add one simple test
* get_function: add concurrency entry - with test
* lambda-reserved-concurrency: cloudformation support
* lambda-concurrency: implement delete_reserved with tests
* lambda-concurrency: implement get_reserved with tests
* lint
* implementation-cov: mark delete_function_concurrency, put_function_concurrency and get_function_concurrency
* botocore doesn't display concurrency entry for lambdas without it
* lambda(refactor): improvements on response's handler
* Support for CloudFormation stack resource deletion via backend resource method
delete_from_cloudformation_json() via parse_and_delete_resource().
* Correction to the inappropriate inclusion of EndingSequenceNumber in open shards.
This attribute should only appear in closed shards. This regretfully prevents
confirmation of consistent record counts after split/merge in unit tests.
* Added parameters/decorator to CloudFormationModel method declarations to calm-down Pycharm.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* First cut of S3 Cloudformation Update support: encryption property.
* Update type support for S3. Abstract base class for CloudFormation-aware models, as designed by @bblommers, introduced to decentralize CloudFormation resource and name property values to model objects.
* Blackened...
* Un-renamed param in s3.models.update_from_cloudformation_json() and its call to stay compatible with other modules.
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* implement register_image
* format code
* add user_ids to snapshot model
* implement register_image
* format code
* add user_ids to snapshot model
* trying to un-deprecate tests
* Write tests and finalize implementation
* Add region parameter to boto3 resource call
* fixed test error
* Feature: Support --filters opton in secretsmanager:ListSecrets
* Implement some of the secret filters
* Check listSecrets filters combine with an implicit AND operator
* Test all filter and multi-value filter and multi-word filter
* Fix matcher behavior, restructure code
* Implement remaining listSecrets filter cases
* Linter fixes
* Use contains-in-any-order assertions for test_list_secrets
* Linter fix again
* Attempt Python 2 fix for assert_items_equal
* Remove docstrings from test_list_secrets tests as they make the test reports weird
* Test and handle listSecrets filter with no values
* Add test for describe_instance_types
It currently fails due to an invalid XML schema
* Add more detail to test
* Fix the XML schema for describe_instance_types
* fix sqs tag list from cloudformation resource creation
the method `create_from_cloudformation_json` of the Sqs resource
does not handle the difference of format of the Tags field in the
resource template and the format expected in Sqs resource class.
In cfn resource template Tags is specified as a list of dicts. But
the Sqs resource expects that the tags field be a single dict.
This behaviour causes a crash when a queue is created with tags
from `create_from_cloudformation_json` and later the list_queue_tags
is called because it tries to call `items` from `queue.tags` but
tags is actually a list of dicts.
* fix comment
* fix linter
* minor
Co-authored-by: Hudo Assenco <hudo.assenco@gmail.com>
* Fixed defect with CloudFormation provisioning of S3 buckets occuring when stack has a long name, resulting in the default S3 bucket name's length exceeding its 63 char limit.
* PR 3169 July 23, 2020 2:57a ET comment: added additional asserts to assure provisioned bucket's name complies. Fixed bug in my earlier change that could produce default bucket names with illegal upper-case characters in it.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Enforce parameter naming
Parameters are not allowed to start with `ssm` or `aws`. This commit adds error messages which
correspond exactly to the error messages returned by boto3.
* Fix for Python 2 compatibility
f-strings not supported in Python 2.7
* Fix : SQS - Added support for attribute labels for send_message function
* Add integration test on receive message function
* Add send message invalid datetype integration test and fix SQS MessageAttributesInvalid exceptions
* Implement Filter: Contains functionality for describe_params
This commit adds the Contains functionality. Tests were created
to mimic behavior in AWS/boto3, including that filters with values
in the form of `/name` will match parameters named `/name/match` but
not parameters named `match/with/other-name`. In the test example, a
Contains filter with the value `/tan` would match: `/tangent-3` and
`tangram-4` but not `standby-5`.
* Enforce parameter filter restrictions on get_parameters_by_path
According to the boto3 documentation [1], `Name`, `Path`, and `Tier` are not
allowed values for `Key` in a parameter filter for `get_parameters_by_path`.
This commit enforces this by calling `_validate_parameter_filters` from the
`get_parameters_by_path` method, and adding a check to `_validate_parameter_filters`.
I added 3 test cases to `test_get_parameters_by_path` which check for the correct
exception when calling with a parameter filter using any of these keys.
* Code formatted to match style
* Refactored logic
* FIX:IAM-Added support for pathPrefix in list_users_function
* removed changes for roles
* Added test for non decorator
* changed filter function
Co-authored-by: usmankb <usman@krazybee.com>
* Adding attchment.vpc-id, attachment.state, type, and vpn-gateway-id filters for VPN Gateways. fixes#3154
* Run formatting on tests
Co-authored-by: Alan Baldwin <alan.baldwin.jr@gmail.com>
* initial implementation of taskSets. Fixed a bug with ECS Service where task_definition was a required parameter.
* Added update_task_set and tests. DRYed up ClusterNotFoundException. General cleanup.
* Added support for filtering tags on include parameter to describe_task_sets. Added additional tests.
* Fix copy/pasta in ClusterNotFoundException
* styling updates
* Added TODO for delete_task_set force parameter
* Updated multiple function and constructor calls to use named variables. Updated tests to reference variables instead of hardcoded strings.
* Run black for formatting
* Updated create_service function call to use named variables
* First failing test, and enough framework to run it.
* Rudimentary passing test.
* Sagemaker Notebook Support, take-1: create, describe, start, stop, delete.
* Added list_tags.
* Merged in model support from https://github.com/porthunt/moto/tree/sagemaker-support.
* Re-org'd
* Fixed up describe_model exception when no matching model.
* Segregated tests by Sagemaker entity. Model arn check by regex..
* Python2 compabitility changes.
* Added sagemaker to list of known backends. Corrected urls.
* Added sagemaker special case to moto.server.infer_service_region_host due to irregular url format (use of 'api' subdomain) to support server mode.
* Changes for PR 3105 comments of July 10, 2020
* PR3105 July 10, 2020, 8:55 AM EDT comment: dropped unnecessary re-addition of arn when formulating model list response.
* PR 3105 July 15, 2020 9:10 AM EDT Comment: clean-up SageMakerModelBackend.describe_models logic for finding the model in the dict.
* Optimized imports
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Make batch.utils.lowercase_first_key() recursive
* Reformat using black
* Add test of recursive lowercase_first_key()
* Fix typo in ttest_batch/test_cloud_formation.py
* Placeholder to test Application Autoscaling.
* Wire everything together and create a first passing test without any real functionality.
* Get one test working properly.
* Add some TODO items.
* Reformat code with black
* Second passing test for describe_scalable_targets.
* New test for NextToken.
* Add some tests for ParamValidationError and ValidationException.
* black
* Ensure scalable targets are being captured in an OrderedDict() for deterministic return later.
* Add validation to describe_scalable_targets and register_scalable_target.
* Fix tests.
* Add creation_time, refactor, add ECS backend, and add failing test for checking that ecs service exists.
* Add parameter validation.
* Improved documentation for CONTRIBUTING.md
Adds some details to give people an idea what's involved in adding new features/services
* Integrate with ECS.
* black
* Refactor to allow implementation of SuspendedState.
* Complete support for SuspendedState.
* Bump up implementation coverage percentage.
* Tidy up code; add comments.
* Implement suggested changes from code review.
* Minor refactorings for elegance.
* README update
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
This change fixes:
* Replace call to non-existent exception yaml.ParserError
* Catches yaml scanner error for valid json with tabs
* Supply yaml loader to ensure yaml loading throws exception validly for json with tabs and doesn't try to load the json incorrectly
* Several updates to the contributor documentation with extra information.
* Fix failing test by providing a region.
* Create test for issue 2210.
* Check if CreateBucketConfiguration is supplied and empty; raise MalformedXML error if so.
* change line position for uuid and last_modified because they're not input parameters
* add event_source_arn validator and setter
* refactor batch_size as setter
* add helper function to parse arn and return source service
* fix for EventSource's create_from_cfn, there was no reference in the lambda object for the esm if created by cfn
* add esm deletion by cloudformation
* remove unused variable in test
* add cfn's update
* add complete implementation of delete_from_cfn
* blacked changed files
* fix test with invalid batchsize for sqs
* Dynamodb2 Table - Bugfix for localindex and implemented get_cfn_attributes
* Dynamodb2 eventsource - fix test to use StreamArn attribute
* Lambda Test - fix test_update_event_source_mapping
* Correct group inline policy rendering in iam:GetAccountAuthorizationDetails response
* Include user inline policy if exists
* Add tests for IAM inline policies
* Remove unnecessary print stmts
* Fix: SecretsManager - Added missing pop() override to get_secret_name_from_arn (#3056)
* Added test case for delete_secret_force_with_arn (#3057)
* Fixed lint for test_delete_secret_force_with_arn (#3057)
* Enhancement : API-Gateway Put Integration Response - Adding support for contentHandling.
* Added tests where the contentHandling is None also gets tested.
* Linting
Co-authored-by: usmankb <usman@krazybee.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* add EventBus to model's map
* add support for creation of EventBus through cloudformation's api
* add cloudformation's delete
* add cloudformation's update
* add cloudformation's attribute
* CloudWwatch delete Alarm status code handling on invalid alarm Name
* Handled cases where a mix of existent and non existent alarms are tried to delete
* Linting
Co-authored-by: usmankb <usman@krazybee.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* Implemented IAM delete_instance_profile
* PR adjustment: positively verifying instance profile deletion in test case.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* implemented s3 default encryption methods
* PR adjustments: moved logic for retrieving bucket's encrypted status to the backend.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Corrected bug in IAM delete_role() due to overloading of name 'role' in function
* PR-requested fixes: added region to tests boto client create, reformatted with black
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* ENH: Add unit test for propagation tags
* BUG: Add missing translation of boolean PropagateAtLaunch tag values to strings
* BUG: Should really be checking for "true" and not True
* CLN: Black formatting
* Keep order in request body to ensure auth signing works.
* Lint.
* More OrderedDict to ensure data parameter order.
* Lint.
* Improve CF test assertions.
* Fix syntax error.
* Cleanup CF test.
* ENH: Add unit test for cloudformation DependsOn
* ENH: Add implementation of retrieving list of resources that account for dependencies
* ENH: Update the name mappings so that they are consistent with the latest cloudformation names
* ENH: Add launch configuration to type names
* ENH: Create subnet for test and test creation with dependencies
* CLN: Code reformatting
* CLN: Remove print statements
* BUG: Fix error resulting in possible infinite loop
* CLN: Remove commented out fixture decorator
* BUG: Remove subnet creation
* CLN: Remove main and ec2 dependencies
* BUG: Add back in instance profile name type
* CLN: Remove print
* BUG: Fix broken unit test
* CLN: Code reformatting
* CLN: Remove main
* ENH: Add autoscaling group name to type names
* ENH: Add unit test for string only dependency and add assertions to unit tests
* ENH: Add unit test for chained depends_on in cloudformation stack
* BUG: Remove f strings for python 2.7 compatibility
* BUG: List needs to be sorted for python2.7
* CLN: Fix code formatting
* Added some member and proposal functions
* Added additional member and proposal functions
* Fixed admin password return and added update_member along with tests
* Added network removal and member removal proposal
* Fixed failing test
* Fixed Python 2.7 test
When using the ADD syntax to sum up different components
the path that is provided is allowed to be non-existent.
In such a case DynamoDB will initialize it depending on
the type of the value.
If it is a number it will be initialized with 0.
If it is a set it will be initialized with an empty set.
When an instance is running, OpsWorks reports its status as "online"
[1], while EC2 reports it as "running". Until now, moto copied the EC2
instance's status as is. This commit introduces the converts the running
status to online when returned by OpsWorks.
[1]: https://docs.aws.amazon.com/cli/latest/reference/opsworks/describe-instances.html
